It’s Halloween, so let’s discuss something scary in the IT world. Two recent studies have reported that cybercriminals are setting new records deploying advanced ransomware campaigns, with data showing that cybercrime is both growing more sophisticated and causing more widespread damage – as cybercriminals exploit ransomware-as-a-service (RaaS) and large language model AI (LLMs).

According to a recent ransomware study, 20% of participants reported that their company fell victim to a ransomware attack in 2023. However, only just over half of those responsible for recovery felt that C-level leadership was “actively involved in conversations and decision-making” regarding attack mitigation and prevention.  There is a lot at stake and the fallout from ignoring the issue can be devestating. These compelling trends around RaaS and LLMs should encourage conversations regarding cybersecurity — and it just might startle them enough to understand that cybersecurity is a necessity in today’s IT environment.

Ransomware-As-A-Service (RaaS) in 2023

Deep Instinct’s Bi-Annual Cyber Threat Report offered a sobering insight: During the first half of 2023, there were 2,987 recorded ransomware intiatives – passing 2022’s total of 2,835 for the entire year.  The proliferation of RaaS provides cybercriminals with little experience and few available resources to procure ready-made ransomware tools from RaaS bad actors. The ransomware attacks impact multiple vulnerable victims at the same time, upwards to tens of millions. The growth of RaaS only serves to predict an ominous growing and evolving threat.

Cybercriminals Use Large Language Models (LLMs) To Proliferate Attacks

The first six months of 2023 also saw a notable increase in the use of robust LLMs. Cybercriminals exploited ChatGPT and other generative AI tools by utilizing several jailbreaking guides in underground forums to develop their own LLMs like WormGPT, already used to professionally impersonate businesses in business email compromise (BEC) attacks, according to the Deep Instinct Report.

ChatGPT is brand new, but its already changing cyber-attacks as we have come to understand them.

“This year feels different, like the start of a new era, as artificial intelligence quickly infiltrates the workforce,” said Mark Vaitzman, Threat Lab Team Leader at Deep Instinct, in a press release. “This report showcases how cybercriminals are adapting to these shifts and becoming more sophisticated in their approach. Prevention against these cyber-attacks is possible, but it requires a change from the reactive, ‘assume breach’ mentality that has plagued the industry for far too long.”

For their part, organizations will be required to design more complex prevention strategies in order to survive.

Protection And Prevention

As companies confront this perilous landscape, they must understand that protection and prevention need a multifaceted approach because criminals can attack from anywhere.

The primary ransomware targets in Hornetsecurity’s report were:

  • server infrastructure and network storage (44.8%)
  • multiple endpoints (34.5%)
  • single endpoints (31%)

The report also revealed that the most common attacks were:

  • email and phishing attacks (51.7%)
  • compromised endpoints (20.7%)
  • social engineering and unknown (13.8%)

Because of the technological sophistication of ransomware-as-a-service and LLMs, these breaches are difficut to spot, especially if businesses don’t have adequate cybersecurity protection and employee training.

The Good News: There has been a 4.2% decrease in ransomware attacks in 2023 compared to the previous year, proving more stringent awareness. However, many businesses are still missing vital elements of cybersecurity infrastructure. 12.2% of survey participants reported that their company does not have a current disaster recovery plan, and 19% do not offer their employees any cybersecurity awareness training.

Prevention is the key to defense against these sophisticated ransomware threats, and requires a multifaceted approach integrating advanced technology solutions, educational initiatives and a proactive mindset.

Don’t Get Spooked: Alliance IT Can Help

As fast as the technology moves and the criminals evolve and utilize ransomware-as-a-service as a vulnerable point, you need professionals on your side. The team at Alliance IT keeps up to date with the threats so you don’t need to – call today to learn more.